Skip to content

Bump the npm_and_yarn group across 2 directories with 8 updates #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group across 2 directories with 8 updates #6

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 25, 2024

Bumps the npm_and_yarn group with 4 updates in the /smart_contracts/ethereum/custompin_sample directory: browserify-sign, flat, eth-gas-reporter and undici.
Bumps the npm_and_yarn group with 5 updates in the /smart_contracts/ethereum/solidity_firefly directory:

Package From To
got 9.6.0 ``
solidity-coverage 0.7.22 0.8.11
flat 4.1.1 5.0.2
eth-gas-reporter 0.2.25 0.2.27
undici 5.20.0 5.28.3

Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d
Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates flat from 4.1.1 to 5.0.2

Commits
  • e5ffd66 Release 5.0.2
  • fdb79d5 Update dependencies, refresh lockfile, format with standard.
  • e52185d Test against node 14 in CI.
  • 0189cb1 Avoid arrow function syntax.
  • f25d3a1 Release 5.0.1
  • 54cc7ad use standard formatting
  • 779816e drop dependencies
  • 2eea6d3 Bump lodash from 4.17.15 to 4.17.19
  • a61a554 Bump acorn from 7.1.0 to 7.4.0
  • 20ef0ef Fix prototype pollution on unflatten
  • Additional commits viewable in compare view

Updates eth-gas-reporter from 0.2.25 to 0.2.27

Release notes

Sourced from eth-gas-reporter's releases.

v0.2.27

What's Changed

Full Changelog: cgewecke/eth-gas-reporter@v0.2.26...v0.2.27

v0.2.26

What's Changed

New Contributors

Full Changelog: cgewecke/eth-gas-reporter@v0.2.2...v0.2.26

Changelog

Sourced from eth-gas-reporter's changelog.

0.2.27 / 2023-09-30

0.2.26 / 2023-09-29

0.2.23 / 2021-11-26

0.2.22 / 2021-03-04

0.2.21 / 2021-02-16

0.2.20 / 2020-12-01

  • Add support for remote contracts data pre-loading (hardhat-gas-reporter feature)

0.2.19 / 2020-10-29

  • Delegate contract loading/parsing to artifactor & make optional (#227)

0.2.18 / 2020-10-13

  • Support multiple codechecks reports per CI run
  • Add CI error threshold options: maxMethodDiff, maxDeploymentDiff
  • Add async collection methods for BuidlerEVM
  • Update solidity-parser/parser to 0.8.0 (contribution: @​vicnaum)
  • Update dev deps / use Node 12 in CI

0.2.17 / 2020-04-13

  • Use @​solidity-parser/parser for better solc 0.6.x parsing
  • Upgrade Mocha to ^7.1.1 (to remove minimist vuln warning)
  • Stop crashing when parser or ABI Encoder fails
  • Update @​ethersproject/abi to ^5.0.0-beta.146 (and unpin)

... (truncated)

Commits

Updates follow-redirects from 1.15.2 to 1.15.6

Commits
  • 35a517c Release version 1.15.6 of the npm package.
  • c4f847f Drop Proxy-Authorization across hosts.
  • 8526b4a Use GitHub for disclosure.
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • Additional commits viewable in compare view

Updates undici from 5.20.0 to 5.28.3

Release notes

Sourced from undici's releases.

v5.28.3

⚠️ Security Release ⚠️

Fixes:

Full Changelog: nodejs/undici@v5.28.2...v5.28.3

v5.28.2

What's Changed

New Contributors

Full Changelog: nodejs/undici@v5.28.1...v5.28.2

v5.28.1

What's Changed

Full Changelog: nodejs/undici@v5.28.0...v5.28.1

v5.28.0

What's Changed

... (truncated)

Commits

Removes got

Updates solidity-coverage from 0.7.22 to 0.8.11

Release notes

Sourced from solidity-coverage's releases.

v0.8.11

Summary

0.8.11 fixes a(nother) bug that resulted in some line hits remaining undetected when compiling with viaIR=true

What's Changed

Full Changelog: sc-forks/solidity-coverage@v0.8.10...v0.8.11

0.8.10

Summary

0.8.10 fixes a bug that resulted in some line hits remaining undetected when compiling with viaIR=true

What's Changed

Full Changelog: sc-forks/solidity-coverage@v0.8.9...v0.8.10

0.8.9

What's Changed

Full Changelog: sc-forks/solidity-coverage@v0.8.8...v0.8.9

0.8.8

What's Changed

Install

npm install --save-dev solidity-coverage@latest
npx hardhat clean

Full Changelog: sc-forks/solidity-coverage@v0.8.7...v0.8.8

0.8.7

What's Changed

viaIR now allowed

This release (hopefully) fixes a long-running problem solidity-coverage had with solc's viaIR compilation mode - It's now possible to use it without any special configuration. (Please report any ongoing issues with this to issue #861)

If you've been using .solcover.js options like configureYulOptimizer and solcOptimizerDetails as a work around, you should remove them when upgrading. (Don't forget to run the hardhat clean task after updating any coverage config stuff).

... (truncated)

Changelog

Sourced from solidity-coverage's changelog.

0.8.11 / 2024-03-07

0.8.10 / 2024-02-29

0.8.9 / 2024-02-27

0.8.8 / 2024-02-21

0.8.7 / 2024-02-09

0.8.6 / 2024-01-28

... (truncated)

Commits

Updates flat from 4.1.1 to 5.0.2

Commits
  • e5ffd66 Release 5.0.2
  • fdb79d5 Update dependencies, refresh lockfile, format with standard.
  • e52185d Test against node 14 in CI.
  • 0189cb1 Avoid arrow function syntax.
  • f25d3a1 Release 5.0.1
  • 54cc7ad use standard formatting
  • 779816e drop dependencies
  • 2eea6d3 Bump lodash from 4.17.15 to 4.17.19
  • a61a554 Bump acorn from 7.1.0 to 7.4.0
  • 20ef0ef Fix prototype pollution on unflatten
  • Additional commits viewable in compare view

Updates eth-gas-reporter from 0.2.25 to 0.2.27

Release notes

Sourced from eth-gas-reporter's releases.

v0.2.27

What's Changed

Full Changelog: cgewecke/eth-gas-reporter@v0.2.26...v0.2.27

v0.2.26

What's Changed

New Contributors

Full Changelog: cgewecke/eth-gas-reporter@v0.2.2...v0.2.26

Changelog

Sourced from eth-gas-reporter's changelog.

0.2.27 / 2023-09-30

0.2.26 / 2023-09-29

0.2.23 / 2021-11-26

0.2.22 / 2021-03-04

0.2.21 / 2021-02-16

0.2.20 / 2020-12-01

  • Add support for remote contracts data pre-loading (hardhat-gas-reporter feature)

0.2.19 / 2020-10-29

  • Delegate contract loading/parsing to artifactor & make optional (#227)

0.2.18 / 2020-10-13

  • Support multiple codechecks reports per CI run
  • Add CI error threshold options: maxMethodDiff, maxDeploymentDiff
  • Add async collection methods for BuidlerEVM
  • Update solidity-parser/parser to 0.8.0 (contribution: @​vicnaum)
  • Update dev deps / use Node 12 in CI

0.2.17 / 2020-04-13

  • Use @​solidity-parser/parser for better solc 0.6.x parsing
  • Upgrade Mocha to ^7.1.1 (to remove minimist vuln warning)
  • Stop crashing when parser or ABI Encoder fails
  • Update @​ethersproject/abi to ^5.0.0-beta.146 (and unpin)

... (truncated)

Commits

Updates follow-redirects from 1.15.2 to 1.15.6

Commits
  • 35a517c Release version 1.15.6 of the npm package.
  • c4f847f Drop Proxy-Authorization across hosts.
  • 8526b4a Use GitHub for disclosure.
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • Additional commits viewable in compare view

Updates undici from 5.20.0 to 5.28.3

Release notes

Sourced from undici's releases.

v5.28.3

⚠️ Security Release ⚠️

Fixes:

Full Changelog: nodejs/undici@v5.28.2...v5.28.3

v5.28.2

What's Changed

New Contributors

Full Changelog: nodejs/undici@v5.28.1...v5.28.2

v5.28.1

What's Changed

Full Changelog: nodejs/undici@v5.28.0...v5.28.1

v5.28.0

What's Changed

... (truncated)

Commits

Updates web3-utils from 1.7.4 to 1.8.2

Release notes

Sourced from web3-utils's releases.

web3-utils@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-utils@4.0.0-alpha.0

Changelog

Sourced from web3-utils's changelog.

[1.7.4]

Fixed

  • Fix dead link in web3-eth.rst (#4916)
  • Fix web3-core-method throws on f.call = this.call when intrinsic is frozen (#4918) (#4938)
  • Fix static tuple encoding (#4673) (#4884)
  • Fix bug in handleRevert logic for eth_sendRawTransaction (#4902)
  • Fix resolve type of getBlock function (#4911)
  • Web3-utils BN fix (#5132)

Changed

  • Replace deprecated String.prototype.substr() (#4855)
  • Exporting AbiCoder as coder (#4937)
  • Github build workflow updated min build for node.js 12 and tests for 12, 14 and 16 (#5014)
  • Updated libraries using BN and the BN library (#5072)

Added

  • Exposing web3.eth.Contract.setProvider() as per public documentation (#4822) (#5001)
  • Improve npm script commands for development purposes (#4848)

Security

  • npm audit fix to address vulnerabilities and update libraries (#5014)

[1.7.5]

Changed

  • Replace xhr2-cookies deps to cross-fetch for web3-providers-http (#5085)

Added

  • Documentation details about maxFeePerGas and maxPriorityFeePerGas (#5121)
  • Added createAccessList types in web3.eth (#5146)

Fixed

  • Improving AbstractProvider interface (#5150)
  • Fix typos in web3-eth-accounts.rst & TESTING.md (#5047)
  • Fix remove wallet using an index when an account address and address lowercase are equal (#5049)
  • Improve README.md & Fix typos (#4848)
  • Add optional hex formatting parameter for getTransactionrReceipt (#5153)
  • Fix transactionRoot -> transactionsRoot in BlockHeader (#5083)
  • Fix Promise in Accounts.signTransaction() throwing errors that cannot be caught (#4724)
  • Fixed unit tests & removed dead code for web3-providers-http (#5228)

Security

  • Updated got lib version and fixed other libs using npm audit fix (#5178) (#5254)

[1.8.0]

Changed

  • Updated sha3 and sha3Raw type definition to accept Buffer
  • Removing legacy field in lerna.json (#5403)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 2 directories with 8 updates
94aac0d 
Bumps the npm_and_yarn group with 4 updates in the /smart_contracts/ethereum/custompin_sample directory: [browserify-sign](https://github.com/crypto-browserify/browserify-sign), [flat](https://github.com/hughsk/flat), [eth-gas-reporter](https://github.com/cgewecke/eth-gas-reporter) and [undici](https://github.com/nodejs/undici).
Bumps the npm_and_yarn group with 5 updates in the /smart_contracts/ethereum/solidity_firefly directory:

| Package | From | To |
| --- | --- | --- |
| [got](https://github.com/sindresorhus/got) | `9.6.0` | `` |
| [solidity-coverage](https://github.com/sc-forks/solidity-coverage) | `0.7.22` | `0.8.11` |
| [flat](https://github.com/hughsk/flat) | `4.1.1` | `5.0.2` |
| [eth-gas-reporter](https://github.com/cgewecke/eth-gas-reporter) | `0.2.25` | `0.2.27` |
| [undici](https://github.com/nodejs/undici) | `5.20.0` | `5.28.3` |


Updates `browserify-sign` from 4.2.1 to 4.2.3
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](browserify/browserify-sign@v4.2.1...v4.2.3)

Updates `flat` from 4.1.1 to 5.0.2
- [Release notes](https://github.com/hughsk/flat/releases)
- [Commits](hughsk/flat@4.1.1...5.0.2)

Updates `eth-gas-reporter` from 0.2.25 to 0.2.27
- [Release notes](https://github.com/cgewecke/eth-gas-reporter/releases)
- [Changelog](https://github.com/cgewecke/eth-gas-reporter/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cgewecke/eth-gas-reporter/commits/v0.2.27)

Updates `follow-redirects` from 1.15.2 to 1.15.6
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.6)

Updates `undici` from 5.20.0 to 5.28.3
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.20.0...v5.28.3)

Removes `got`

Updates `solidity-coverage` from 0.7.22 to 0.8.11
- [Release notes](https://github.com/sc-forks/solidity-coverage/releases)
- [Changelog](https://github.com/sc-forks/solidity-coverage/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sc-forks/solidity-coverage/commits/v0.8.11)

Updates `flat` from 4.1.1 to 5.0.2
- [Release notes](https://github.com/hughsk/flat/releases)
- [Commits](hughsk/flat@4.1.1...5.0.2)

Updates `eth-gas-reporter` from 0.2.25 to 0.2.27
- [Release notes](https://github.com/cgewecke/eth-gas-reporter/releases)
- [Changelog](https://github.com/cgewecke/eth-gas-reporter/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cgewecke/eth-gas-reporter/commits/v0.2.27)

Updates `follow-redirects` from 1.15.2 to 1.15.6
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.6)

Updates `undici` from 5.20.0 to 5.28.3
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.20.0...v5.28.3)

Updates `web3-utils` from 1.7.4 to 1.8.2
- [Release notes](https://github.com/ChainSafe/web3.js/releases)
- [Changelog](https://github.com/web3/web3.js/blob/v1.8.2/CHANGELOG.md)
- [Commits](web3/web3.js@v1.7.4...v1.8.2)

---
updated-dependencies:
- dependency-name: browserify-sign
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: flat
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: eth-gas-reporter
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: got
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: solidity-coverage
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
- dependency-name: flat
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: eth-gas-reporter
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: web3-utils
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 25, 2024
@dependabot dependabot bot mentioned this pull request Mar 25, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant